Authenticates a user based on the submitted {@code AuthenticationToken}. <p/> If the authentication is successful, an {@link AuthenticationInfo} instance is returned that represents the user's account data relevant to Shiro. This returned object is generally used in turn to construct a {@code Subject} representing a more complete security-specific 'view' of an account that also allows access to a {@code Session}.
An Authenticator is responsible for authenticating accounts in an application. It is one of the primary entry points into the Shiro API. <p/> Although not a requirement, there is usually a single 'master' Authenticator configured for an application. Enabling Pluggable Authentication Module (PAM) behavior (Two Phase Commit, etc.) is usually achieved by the single {@code Authenticator} coordinating and interacting with an application-configured set of {@link hunt.shiro.realm.Realm Realm}s. <p/> Note that most Shiro users will not interact with an {@code Authenticator} instance directly. Shiro's default architecture is based on an overall {@code SecurityManager} which typically wraps an {@code Authenticator} instance.
@see hunt.shiro.mgt.SecurityManager @see AbstractAuthenticator AbstractAuthenticator @see hunt.shiro.authc.pam.ModularRealmAuthenticator ModularRealmAuthenticator